Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?
Sign Up

Browse
- Forums
- Staff
- Online Users
- Leaderboard
- More
Activity
- All Activity
- Search
- More
Leaderboard
More
- More

Home

sqlman

Members

View Profile See their activity

Posts
1
Joined
August 31, 2015
Last visited
June 21, 2021

Recent Profile Visitors

384 profile views

donlego

October 24, 2020

sqlman's Achievements

Newbie

Newbie (1/4)

0

Reputation

Is it possible to protect POST params from HTTPAnalyzer?

sqlman replied to elGringo's topic in General

@andyhill: you should not create the token on the user device, try this way: 1. User logged in with his device with your application. 2. Your applicationserver verified the user an generates a token. The server stores this token an the userid in a database (you can store here accesrights , too). 3. Your applicationserver sends back the token to the user device. Now the communication loop for your application: 4. The userdevice sends with all connections the token to the server. 5. With the token the server can identify the user/device without password and username. The token should have a short lifetime. You can generate a new token after each request of the client for some kind of "one-use-token". Greetings Ralf
- July 16, 2018
- 13 replies

×

Browse
- Back
- Browse
- Forums
- Staff
- Online Users
- Leaderboard
Activity
- Back
- All Activity
- Search
Leaderboard

×

Create New...